LDAP authentication failed
snowman5840
snowman5840 at t-online.de
Mon Oct 18 19:38:35 CEST 2010
Hi,
I have some problems with LDAP authentication. When I log in on my Windows XP
SP3 client, I want to check the login credentials against my LDAP service.
But the XP client uses double slashes in the username!! I think this will be
the problem!? If I test with radtest it works. What can I do to log in
successfully?
Debug log:
rad_recv: Access-Request packet from host 192.168.0.2 port 1812, id=62, length=240
NAS-IP-Address = 192.168.0.2
NAS-Port = 50009
NAS-Port-Type = Ethernet
User-Name = "FIRMA1\\usera"
Called-Station-Id = "00-15-F9-D8-7C-C9"
Calling-Station-Id = "00-1A-4B-63-69-0B"
Service-Type = Framed-User
Framed-MTU = 1500
State = 0xc5fe953bc3f98c0b9575e677705364e2
EAP-Message = 0x0207006119001703010056b327be51594f6985d1854f17199fefe7151d57481c244787051f7067a50a0056a15e0a831a3aa3661a61aeed66e3c7dc85cd3315301bfd825c786fd60e0110f5124e76e2d543c9a6fd99371be7f1a9637b8ce527669f
Message-Authenticator = 0xad6e1b5107c7af4b9a5ba3e648d65859
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
++[unix] returns notfound
[suffix] No '@' in User-Name = "FIRMA1\usera", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[control] returns noop
[eap] EAP packet type response id 7 length 74
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
[ldap] performing user authorization for FIRMA1\usera
[ldap] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details
[ldap] ... expanding second conditional
[ldap] expand: %{User-Name} -> FIRMA1\5cusera
[ldap] expand: (uid=%{Stripped-User-Name:-%{User-Name}}) -> (uid=FIRMA1\5cusera)
[ldap] expand: dc=firma1,dc=de -> dc=firma1,dc=de
[ldap] ldap_get_conn: Checking Id: 0
[ldap] ldap_get_conn: Got Id: 0
[ldap] performing search in dc=firma1,dc=de, with filter (uid=FIRMA1\5cusera)
[ldap] object not found
[ldap] search failed
[ldap] ldap_release_conn: Release Id: 0
++[ldap] returns notfound
Configuration part of LDAP module:
ldap {
        server = "192.168.0.5"
        identity = "cn=admin,dc=firma1,dc=de"
        password = "xxxx"
        basedn = "dc=firma1,dc=de"
        filter = "(uid=%{%{Stripped-User-Name}:-%{User-Name}})"
        ......
}
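The following is an added example, not part of the original post and not FreeRADIUS code. It models what the debug log above shows: with no Stripped-User-Name set, the filter falls back to the full User-Name, and the backslash is escaped to \5c as RFC 4515 requires for filter values, so the search is for a uid that literally contains "FIRMA1\". The names split_nt_domain and build_filter are hypothetical; split_nt_domain stands in for whatever prefix-style realm handling would populate Stripped-User-Name.

```python
# Added example: models the filter expansion seen in the debug log.
# All function names here are hypothetical, not FreeRADIUS APIs.

# RFC 4515 section 3: characters that must appear as \XX inside a filter value.
FILTER_SPECIALS = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape a string so it is treated as literal data in an LDAP filter."""
    return "".join(FILTER_SPECIALS.get(ch, ch) for ch in value)


def split_nt_domain(user_name):
    """Split DOMAIN\\user into (domain, user); return (None, name) if no prefix."""
    domain, sep, user = user_name.partition("\\")
    if sep and domain and user:
        return domain, user
    return None, user_name


def build_filter(request):
    """Model of (uid=%{%{Stripped-User-Name}:-%{User-Name}}) from the config above."""
    name = request.get("Stripped-User-Name") or request["User-Name"]
    return "(uid=%s)" % escape_filter_value(name)


def with_stripped_name(request):
    """Return a copy of the request with Stripped-User-Name set when a prefix exists."""
    domain, user = split_nt_domain(request["User-Name"])
    updated = dict(request)
    if domain is not None:
        updated["Stripped-User-Name"] = user
    return updated


if __name__ == "__main__":
    # Constructed request carrying the User-Name value from the log above.
    req = {"User-Name": "FIRMA1\\usera"}
    print(build_filter(req))                      # filter as seen in the log
    print(build_filter(with_stripped_name(req)))  # filter once the prefix is split off
    # Escaping keeps filter metacharacters in a user name from altering the query.
    print(build_filter({"User-Name": "*)(uid=*"}))
```

The escaping step is what keeps a user-supplied name from changing the structure of the LDAP query, so it is the missing Stripped-User-Name, not the \5c, that makes the search return "object not found".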